Is it an option for you to make it anonymous?
If permissions are set to anonymous it won’t require a login.
Nathan I. Keiter
|
Lead Network Applications Programmer
|
Benefits Advisory Council Member
|
I.D.E.A Council Member
Gettysburg College | Information Technology | DataSystems
Campus Box 2453 | 300 North Washington Street | Gettysburg, PA 17325
Phone: 717.337.6993
--
http://dotcms.com - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
dotcms+un...@googlegroups.com.
To post to this group, send email to dot...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/dotcms/e8957be8-b650-4c3f-a9ee-ab55dca84d88%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Is it an option for you to make it anonymous?
If permissions are set to anonymous it won’t require a login.
Nathan I. Keiter | Lead Network Applications Programmer | Benefits Advisory Council Member | I.D.E.A Council Member
Gettysburg College | Information Technology | DataSystems
Campus Box 2453 | 300 North Washington Street | Gettysburg, PA 17325
Phone: 717.337.6993
From: dot...@googlegroups.com [mailto:dotcms@googlegroups.com] On Behalf Of rui.bu...@gmail.com
Sent: Monday, August 28, 2017 12:04 PM
To: dotCMS User Group
Subject: [dotcms] Inserting content through REST call
Hi,
The title is self explanatory.
I have a page containing a widget.
This widget work as a poll, in which case provides feedback if the page was helpful or not with a "Yes" or "No".
After the user chooses an option, "yes" or "no", i want to perform a REST api call and increment the positive or negative feedback, and here comes the tricky part.
From my research, i've notided you allow rest calls in order to insert content, but unfortunetely there isn't a way to do this without exposing the username and password in javascript.
could you guys show me an example, where i'm able to perform a REST api call in order without exposing my credentials ?
Best Regard,
--
http://dotcms.com - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+unsubscribe@googlegroups.com.
To post to this group, send email to dot...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/e8957be8-b650-4c3f-a9ee-ab55dca84d88%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
http://dotcms.com - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/9612835e4d06485c870462f8fe68fccc%40exch13c.ms.gettysburg.edu.
Can you pre-encrypt your auth header value?
Use an auth header to authenticate. Perhaps build it in a viewtool to hide username and password.
Also, if you have a tool like Chrome advanced rest client and the credentials are always the same, you could use that to generate the auth header for those credentials and then paste it into your code.
Another option would be to do the API call in Java. Build a “page between” that calls a viewtool to do the API call and then outputs the result.
Nathan I. Keiter
|
Lead Network Applications Programmer
|
Benefits Advisory Council Member
|
I.D.E.A Council Member
Gettysburg College | Information Technology | DataSystems
Campus Box 2453 | 300 North Washington Street | Gettysburg, PA 17325
Phone: 717.337.6993
From: dot...@googlegroups.com [mailto:dot...@googlegroups.com] On Behalf Of rui.bu...@gmail.com
Sent: Wednesday, August 30, 2017 7:22 AM
To: dotCMS User Group
--
http://dotcms.com - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+un...@googlegroups.com.
To post to this group, send email to dot...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/b34e56d0-ba75-4b19-8bc9-a8b00a753f7f%40googlegroups.com.
One more option: create your own rest endpoint that extends the functionality of theirs. But in yours, create a user object in Java for some predetermined user and use that user as the author.
Nathan I. Keiter
|
Lead Network Applications Programmer
|
Benefits Advisory Council Member
|
I.D.E.A Council Member
Gettysburg College | Information Technology | DataSystems
Campus Box 2453 | 300 North Washington Street | Gettysburg, PA 17325
Phone: 717.337.6993
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/aef760d7f1524864bd065710f959c568%40exch13c.ms.gettysburg.edu.
I would say use an auth header then.
That would give access while obscuring the actual username and password values.
https://dotcms.com/docs/latest/save-content-using-rest-api#authentication
Nathan I. Keiter
|
Lead Network Applications Programmer
|
Benefits Advisory Council Member
|
I.D.E.A Council Member
Gettysburg College | Information Technology | DataSystems
Campus Box 2453 | 300 North Washington Street | Gettysburg, PA 17325
Phone: 717.337.6993
From: dot...@googlegroups.com [mailto:dot...@googlegroups.com]
On Behalf Of rui.bu...@gmail.com
Sent: Wednesday, August 30, 2017 9:09 AM
To: dotCMS User Group
Subject: [dotcms] Re: Inserting content through REST call
Nathan,
--
http://dotcms.com - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
dotcms+un...@googlegroups.com.
To post to this group, send email to dot...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/b1abf5cd-a24e-4375-a7c2-0a16a5a57d3d%40googlegroups.com.
Demo: Get encoded Auth header value from Google Advanced REST Client app.
Nathan I. Keiter
|
Lead Network Applications Programmer
|
Benefits Advisory Council Member
|
I.D.E.A Council Member
Gettysburg College | Information Technology | DataSystems
Campus Box 2453 | 300 North Washington Street | Gettysburg, PA 17325
Phone: 717.337.6993
From: dot...@googlegroups.com [mailto:dot...@googlegroups.com] On Behalf Of Nathan Keiter
Sent: Wednesday, August 30, 2017 9:12 AM
To: dot...@googlegroups.com
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/490ad89c158e4121985d7d16b43a8422%40exch13c.ms.gettysburg.edu.
Nathan,The last approach you mentioned takes me to my first problem, since authentication is encoded with base64, its easy for someone to inspect the code and check credentials :/.
--
http://dotcms.com - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+un...@googlegroups.com.
To post to this group, send email to dot...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/c38f717d-7938-4cca-b2c2-3a689d4abd02%40googlegroups.com.
Does it matter?
I mean create a dummy user “Johny Content Rater” with username and password. Grant a role to be able to add this content type and nothing else.
That way it’s not a real users’ credentials.
Nathan I. Keiter
|
Lead Network Applications Programmer
|
Benefits Advisory Council Member
|
I.D.E.A Council Member
Gettysburg College | Information Technology | DataSystems
Campus Box 2453 | 300 North Washington Street | Gettysburg, PA 17325
Phone: 717.337.6993
From: dot...@googlegroups.com [mailto:dot...@googlegroups.com]
On Behalf Of rui.bu...@gmail.com
Sent: Wednesday, August 30, 2017 10:10 AM
To: dotCMS User Group
Subject: [dotcms] Re: Inserting content through REST call
Nathan,
The last approach you mentioned takes me to my first problem, since authentication is encoded with base64, its easy for someone to inspect the code and check credentials :/.
--
I think he’s worried about someone doing a “view source” on the page.
Nathan I. Keiter
|
Lead Network Applications Programmer
|
Benefits Advisory Council Member
|
I.D.E.A Council Member
Gettysburg College | Information Technology | DataSystems
Campus Box 2453 | 300 North Washington Street | Gettysburg, PA 17325
Phone: 717.337.6993
From: dot...@googlegroups.com [mailto:dot...@googlegroups.com] On Behalf Of Jason Tesser
Sent: Wednesday, August 30, 2017 10:14 AM
To: dotCMS User Group
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/CALDe1GP3p70EkA%2BOw5sAQkxWr%2BM8Muig3ZiuQvOr0W23%2BvQEWg%40mail.gmail.com.
I think he’s worried about someone doing a “view source” on the page.
Nathan I. Keiter | Lead Network Applications Programmer | Benefits Advisory Council Member | I.D.E.A Council Member
Gettysburg College | Information Technology | DataSystems
Campus Box 2453 | 300 North Washington Street | Gettysburg, PA 17325
Phone: 717.337.6993
From: dot...@googlegroups.com [mailto:dotcms@googlegroups.com] On Behalf Of Jason Tesser
Sent: Wednesday, August 30, 2017 10:14 AM
To: dotCMS User Group
Subject: Re: [dotcms] Re: Inserting content through REST call
You should be running SSL which addresses the concern
On Wed, Aug 30, 2017 at 10:09 AM <rui.bu...@gmail.com> wrote:
Nathan,
The last approach you mentioned takes me to my first problem, since authentication is encoded with base64, its easy for someone to inspect the code and check credentials :/.
--
http://dotcms.com - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+unsubscribe@googlegroups.com.
To post to this group, send email to dot...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/c38f717d-7938-4cca-b2c2-3a689d4abd02%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
http://dotcms.com - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+unsubscribe@googlegroups.com.
To post to this group, send email to dot...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/CALDe1GP3p70EkA%2BOw5sAQkxWr%2BM8Muig3ZiuQvOr0W23%2BvQEWg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
--
http://dotcms.com - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/d19074d151674efa9c31ccdfbf08df8b%40exch13c.ms.gettysburg.edu.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+un...@googlegroups.com.
To post to this group, send email to do...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/c38f717d-7938-4cca-b2c2-3a689d4abd02%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
http://dotcms.com - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+un...@googlegroups.com.
To post to this group, send email to dot...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/CALDe1GP3p70EkA%2BOw5sAQkxWr%2BM8Muig3ZiuQvOr0W23%2BvQEWg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
--
http://dotcms.com - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+un...@googlegroups.com.